Heartbleed bug could affect HealthCare.gov

HeathCare.gov users are being asked to change their passwords “out of an abundance of caution” following an administration-wide review of a new Internet security weakness known as Heartbleed.

Senior administration officials said Saturday there is “no indication” that the ObamaCare exchange portal is at risk, but an ongoing review will determine whether data stored on HealthCare.gov has been compromised, according to the Associated Press.

ADVERTISEMENT

This weekend, the online marketplace's homepage directs users to change their login information.

“HealthCare.gov uses many layers of protections to secure your information,” a message on the website says. “While there’s no indication that any personal information has ever been at risk, we have taken steps to address Heartbleed issues and reset consumers’ passwords out of an abundance of caution.”

The Heartbleed bug is an encryption flaw that silently put the passwords, personal information and credit card data of millions at risk over the last two years. While not every website across the Internet has been affected, popular websites like Facebook and Gmail became likely victims.

OpenSSL – the technology that was targeted by the Heartbleed bug – is used by many websites, including those operated by the federal government, to encrypt and protect user information.

Republicans on Saturday used the news to seize on the amount of personal data that’s required on HealthCare.gov and its potential vulnerability for theft by hackers.